You are viewing an outdated report. The latest version of this report was published on December 1st, 2016

Internet Cookie Report

August 1st, 2005

Report Description

How widespread is the use of cookies? Based on a survey of
797,293 sites,21.0% of servers were found to be sending cookies along with a web page.

Cookie Survey Results

Of the sites using cookies:

Set a cookie for all hosts in the domain

2.8%

Set a cookie for longer than a day

25.9%

Set a cookie for longer than a year

16.2%

Set a cookie for longer than a decade

6.9%

Set a cookie for all URLs on the site

99.2%

Popular Cookies

On the 167,690 sites found using cookies, the most common cookie names were:

Cookie Name

% of sites

ASPSESSIONID*

43.0%

PHPSESSID

15.4%

ASP.NET_SessionId

5.0%

CFID

4.2%

CFTOKEN

4.2%

JSESSIONID

3.3%

BX

2.1%

phpbb2mysql_sid

1.4%

phpbb2mysql_data

1.4%

nuid

1.3%

lang

1.2%

What is a cookie?

When a web server responds to a request (for a document, an image in
a document, etc) it can send small named pieces of data called "Cookies" along
with the requested data. These cookies are normally stored in your web browser and sent
back to that web server each time you make a request. Cookies are often
used to keep track of sessions, so the server can easily identify
the same user from one request to the next. For example, a server could
attempt to set a cookie named "USER" with the value "John" so that on the
next request the server knows that this is user John.

When a server sends a cookie, it can ask the browser to store the
cookie for a period of time, so that the cookie is remembered between
sessions, even if your web browser or computer has been shut down. This is
the expiry time of the cookie, which by default is to the end of the current
session.

A cookie can be set so that it only applies to a certain pattern of URLs
on that server, but the default is for the cookie to be sent with all requests
to that server. It is also possible for a cookie to be set so that the browser
will send the cookie with requests to all servers in the same domain, not
just the one web server.

Due to their use in tracking users and some security problems surrounding
them, cookies have been a concern to many privacy and security advocates.

Methodology

In order to determine how wide spread the use of cookies is across the
internet, we crawl a large number of web sites and take note of any cookies
that web servers attempt to send us along with the HTML of the crawled pages.
When the crawling has completed, we count the number of servers that sent us
cookies and collect some statistics on those cookies including expiry times,
if the cookie was set for all URLs on the server, and if the cookie was set
for the entire domain.

Our crawler is only used to crawl web pages and not any images, applets,
or other objects that may be contained in those pages. This means that
any cookies sent only with those objects and not with any HTML pages will
not be discovered by our crawler, but they would be received by most web
browsers.